Skip to content
This repository was archived by the owner on Jun 2, 2025. It is now read-only.

Commit 8bd60aa

Browse files
kenny-ezirimkenny-ezirim
committed
Make change to pom.xml to address vulnerabilities
1 parent ae8d5bd commit 8bd60aa

File tree

2 files changed

+29
-8
lines changed

2 files changed

+29
-8
lines changed

Dockerfile

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -58,4 +58,5 @@ RUN cp ./target/sparkml-serving-3.3.jar /usr/local/lib/sparkml-serving-3.3.jar
5858
RUN cp ./serve.sh /usr/local/bin/serve.sh
5959

6060
RUN chmod a+x /usr/local/bin/serve.sh
61-
ENTRYPOINT ["/usr/local/bin/serve.sh"]
61+
62+
ENTRYPOINT ["/usr/local/bin/serve.sh"]

pom.xml

Lines changed: 27 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -17,8 +17,8 @@
1717
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
1818
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
1919
<parent>
20-
<artifactId>spring-boot-starter-parent</artifactId>
2120
<groupId>org.springframework.boot</groupId>
21+
<artifactId>spring-boot-starter-parent</artifactId>
2222
<version>2.1.18.RELEASE</version>
2323
</parent>
2424
<modelVersion>4.0.0</modelVersion>
@@ -30,7 +30,7 @@
3030
<plugin>
3131
<groupId>org.apache.maven.plugins</groupId>
3232
<artifactId>maven-compiler-plugin</artifactId>
33-
<version>3.8.0</version>
33+
<version>3.10.1</version>
3434
<configuration>
3535
<source>8</source>
3636
<target>8</target>
@@ -39,7 +39,7 @@
3939
<plugin>
4040
<groupId>org.apache.maven.plugins</groupId>
4141
<artifactId>maven-shade-plugin</artifactId>
42-
<version>3.2.0</version>
42+
<version>3.4.0</version>
4343
<executions>
4444
<execution>
4545
<phase>package</phase>
@@ -174,15 +174,20 @@
174174
<artifactId>commons-lang3</artifactId>
175175
<version>3.12.0</version>
176176
</dependency>
177+
<dependency>
178+
<groupId>org.apache.commons</groupId>
179+
<artifactId>commons-compress</artifactId>
180+
<version>1.21</version>
181+
</dependency>
177182
<dependency>
178183
<groupId>org.springframework.boot</groupId>
179184
<artifactId>spring-boot-starter-jetty</artifactId>
180-
<version>2.7.4</version>
185+
<version>2.7.5</version>
181186
</dependency>
182187
<dependency>
183188
<groupId>org.springframework.boot</groupId>
184189
<artifactId>spring-boot-starter-web</artifactId>
185-
<version>2.7.4</version>
190+
<version>2.7.5</version>
186191
<exclusions>
187192
<exclusion>
188193
<artifactId>spring-boot-starter-tomcat</artifactId>
@@ -217,13 +222,28 @@
217222
<dependency>
218223
<groupId>org.springframework.boot</groupId>
219224
<artifactId>spring-boot-starter-test</artifactId>
220-
<version>2.7.4</version>
225+
<version>2.7.5</version>
221226
<scope>test</scope>
222227
</dependency>
223228
<dependency>
224229
<groupId>org.springframework.boot</groupId>
225230
<artifactId>spring-boot-starter-json</artifactId>
226-
<version>2.7.4</version>
231+
<version>2.7.5</version>
232+
</dependency>
233+
<dependency>
234+
<groupId>com.fasterxml.jackson.core</groupId>
235+
<artifactId>jackson-core</artifactId>
236+
<version>2.13.4</version>
237+
</dependency>
238+
<dependency>
239+
<groupId>com.fasterxml.jackson.core</groupId>
240+
<artifactId>jackson-databind</artifactId>
241+
<version>2.13.4.2</version>
242+
</dependency>
243+
<dependency>
244+
<groupId>org.apache.maven.shared</groupId>
245+
<artifactId>maven-shared-utils</artifactId>
246+
<version>3.3.4</version>
227247
</dependency>
228248
</dependencies>
229249
<properties>

0 commit comments

Comments
 (0)